Author

Vance Shipley and Serge Aleynikov

Agent Configuration

Directories

In the following examples we will assume we are logged in as the user otpuser and working from a home directory of home/otpuser. Create a subdirectory to contain the configuration files of the agent named snmp/agent/conf and another for the working files named snmp/agent/db.

Agent Information

The snmp/agent/conf/agent.conf file defines the information for this agent. The IP address and port which the agent will respond to must be provided as well as a unique identifier called an engineID. The maximum size of a packet must also be provided.

System Information

The snmp/agent/conf/standard.conf file defines the information
for the system being managed. Here we will use the sysObjectID for
the Ericsson OTP application. If you are creating an agent to manage your
own embedded system you may want to
[http://www.iana.org/cgi-bin/enterprise.pl%7Capply for a
private enterprise number assignment] and create your own
sysObjectID for your network element.

Traps and Notifications

This section describes configuration files required for sending traps and notifications. You can skip it if you don't need to support this functionality by your SNMP agent. The snmp/agent/conf/notify.conf file contains information about SNMP trap definitions

Application Environment

Create the snmp/agent.config system configuration file to be used when we start the node to run the agent. Here we define the required application environment variables. The paths to the subdirectories we created earlier are given so the agent application can find it's configuration files and persistent database.

Manager Information

The snmp/manager/conf/manager.conf file defines the information for this manager. The IP address and port which the manager will use must be provided as well as a unique identifier called an engineID. The maximum size of a packet must also be provided.

Application Environment

Create the snmp/manager.config system configuration file to be used when we start the node to run the manager. Here we define the required application environment variables. The paths to the subdirectories we created earlier are given so the manager application can find it's configuration files and persistent database.

In the above example we have previously used the shell command rr/1 to
load the record definitions so that the output is parsed with record
field names. E.g. rr("/home/otpuser/lib/erlang/lib/snmp-*/include/*").

Adding Authentication and Privacy

User Based Security Model (USM)

With SNMPv3 the agent and manager may share a secret for authentication of
each user using either MD5 or SHA.
2274
specifies an algorithm to generate a localized key using a passphrase
and the local engineID. This localized authentication key is defined in
the agent's or manager's usm.conf file.

Warning:
The examples of snmp:passwd2localized_key() above are incorrect! The 2nd and 3rd arguments
must be swapped: the engine name argument is the 3rd argument. I (slfritchie) have not updated
the rest of the example text, for fear of making a cut-and-paste error that would really
confuse everyone else. However, in my own
testing (using different engine names, password, etc, sorry!), I have been able to verify that
using the engine name in the 2nd arg does not work when trying to walk part of the OID tree
using the equivalent of
"snmpwalk -v 3 -c public -u simple_user -a MD5 -A "my authphrase" -e "hexadecimal version of agent engine name" -l authPriv -x DES -X "my privacy phrase" hostname:4000 .1".

Security Data Configuration

The snmp/agent/conf/usm.conf file defines the security data for each user of an agent. Here we have chosen MD5 based authentication and DES encryption privacy.